Direct Minimum-Knowledge Computations (Extended Abstract)

  • Russell Impagliazzo
  • Moti Yung
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 293)


We present a protocol scheme which directly simulates any given computation, defined on any computational device, in a minimum-knowledge fashion. We also present a scheme for simulation of computation in dual (perfect) minimum-knowledge fashion. Using the simulation protocol, we can ensure that one user transfers to another user exactly the result of a given computation and nothing more.

The simulation is direct and efficient; it extends, simplifies and unifies important recent results which have useful applications in cryptographic protocol design. Our technique can be used to implement several different sorts of transfer of knowledge, including: transfer of computational results, proving possession of information, proving knowledge of knowledge, gradual and adaptive revealing of information, and commitment to input values.

The novelty of the simulation technique is the separation of the data encryption from the encryption of the device’s structural (or control) information.


Keywords (added by machine, not by the authors): Turing Machine; Dual Model; Oblivious Transfer; Interactive Proof; Probabilistic Machine



Copyright information

© Springer-Verlag Berlin Heidelberg 1988

Authors and Affiliations

  • Russell Impagliazzo (U.C. Berkeley, Berkeley)
  • Moti Yung (Columbia University, Columbia)
